From patchwork Sat Aug 17 00:18:28 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pedro Falcato X-Patchwork-Id: 820112 Received: from mail-wr1-f45.google.com (mail-wr1-f45.google.com [209.85.221.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6E217256E; Sat, 17 Aug 2024 00:18:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.221.45 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723853927; cv=none; b=staHvULY4pI8ANXyQ6VLa0atwX3WYLYnr4ovwO1WpUTJXLCMLeU2hheIRw5X+5RJ8wvV0vTMUlufAVtkljHMD2KyMoXGfcZpSiH/p1/fmVV5+4Vjy8VrTHSsW3jNzQTzrYqEZCUtkKfom1sXblvyP2ds4tT0FVqvbM2UNmxQjiQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723853927; c=relaxed/simple; bh=TE42/IB2CccHSiCs8bJa52DZagIXGjgfR8xOnJQNc9o=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=RJhNDRgV2Jko3gaqZvecyp8FK+XQsv97a3FVIvCYII9DGFGDmfV+WMFKwEUIZ+bHl8Zd9U+s/m4b/dyIRGYG/Y3+eH6GNT4YmSAOmp6iobhvLu6VWaS3a8Q9UqwKLmHSBKAUw7cvAgE/bNRtOnAveIA1x1oCvodK0tCjO4ZUZGQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=ZBTecDV/; arc=none smtp.client-ip=209.85.221.45 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="ZBTecDV/" Received: by mail-wr1-f45.google.com with SMTP id ffacd0b85a97d-3718ca50fd7so1268663f8f.1; Fri, 16 Aug 2024 17:18:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1723853919; x=1724458719; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=eE0tAujU+84Fl5Bml9LnGFFfJTwW8AbGe4iKDNDJLPI=; b=ZBTecDV/XPyqei/hvTJTjLs78EWWJMyAAGWFsF99p/Ix+iPfOrt5FHjfr+VIYPI2TI XjRcj746an2AUySyu1i977YCupFK8Eljlnezl7puw8Qi8cVGbgp/OiqcS6C8UMmXJyw7 8wfm8ObUmWAk24ZjARTXd0EFf8C3qpjKbR1qA0Emoy+88VopHRNdcLh7pbs8i7TAqS8w CvWXZj6/StVDVBDYe/+4naJ/6PwhlRE7ADzDZRbDeMSmfe7DhM3LwGPiKEKvG/GeehrO cXntLAQycT0KQXnJzkebacjSURyzDMLnZh2+skIYyIjc5bd8+Y2XtluknNlPck21udnN S7/Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723853919; x=1724458719; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=eE0tAujU+84Fl5Bml9LnGFFfJTwW8AbGe4iKDNDJLPI=; b=Glw2A4N9/SotegNP4pICFJMyYqhxwfzBsd7k2O6YJVcFzibRqeQ42pfEeTrMhBNnl4 ewlPVLns9opwYp1qIdAz3lDhY3/UB6L/aPgoQ3eysdTOkKy4YyDJQ1thDopISCoU3fLw +tYiqKbZFPNeK/qXTcWAeHPd+4sEnF1yY8kgsJz8YbJisBmBHyUs6xvyDXoaXL3iyE9u DubAL13IqzGHW3RZdHNRlE8aLGA9n2GAR5pf57EJ6AfwuKpCtrA7x+0iX0a5bzMDVw60 4NZDrZx+O8WoeeU/mzTt8a1nfv2TXIff8TI5CdMBmwu4WKSQIVXSDtlwtrWt0lS04R4T 7GGw== X-Forwarded-Encrypted: i=1; AJvYcCUejgwSQE+uaWocqNMkWPijz3AIN+I2VWmoUmEEKaXk2Tqs+W2mFIzbmDfilK6wmeDdLBTDPClWO6+7tUGWQeClHfnvEfWP7wGOtfSPpFeSjk1UASwOWUbGK/Hd60/vQ2J5rdNE40UZispz942g X-Gm-Message-State: AOJu0Yyh1F+Bw218lcffg7dxE6vSNmEdp2hnEWsGp074Ba+jfT34VU7q cKPpuJ0VZzRwmGpFJkbhYnGK1tKIf17LvYmiXOkuuvxzLHgL3hQgDinbK2h9 X-Google-Smtp-Source: AGHT+IH+rZczV1rucrOJegV86RCCzxDjSfxcW+VweSbEmrGCi5wWUt76859GZxn1s0ipCW3cR+tVCA== X-Received: by 2002:a05:6000:a81:b0:368:5bb4:169b with SMTP id ffacd0b85a97d-371943159b6mr2775762f8f.4.1723853917768; Fri, 16 Aug 2024 17:18:37 -0700 (PDT) Received: from [192.168.1.91] ([2001:818:e92f:6400:96b:aa92:afc0:2d3d]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-429d781047asm104842055e9.0.2024.08.16.17.18.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 16 Aug 2024 17:18:37 -0700 (PDT) From: Pedro Falcato Date: Sat, 17 Aug 2024 01:18:28 +0100 Subject: [PATCH v3 1/7] mm: Move can_modify_vma to mm/vma.h Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20240817-mseal-depessimize-v3-1-d8d2e037df30@gmail.com> References: <20240817-mseal-depessimize-v3-0-d8d2e037df30@gmail.com> In-Reply-To: <20240817-mseal-depessimize-v3-0-d8d2e037df30@gmail.com> To: Andrew Morton , "Liam R. Howlett" , Vlastimil Babka , Lorenzo Stoakes , Shuah Khan Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, jeffxu@chromium.org, oliver.sang@intel.com, torvalds@linux-foundation.org, Michael Ellerman , Kees Cook , Pedro Falcato X-Mailer: b4 0.14.1 Move can_modify_vma to vma.h so it can be inlined properly (with the intent to remove can_modify_mm callsites). Signed-off-by: Pedro Falcato Reviewed-by: Liam R. Howlett --- mm/mseal.c | 17 ----------------- mm/vma.h | 28 ++++++++++++++++++++++++++++ 2 files changed, 28 insertions(+), 17 deletions(-) diff --git a/mm/mseal.c b/mm/mseal.c index 15bba28acc00..2170e2139ca0 100644 --- a/mm/mseal.c +++ b/mm/mseal.c @@ -16,28 +16,11 @@ #include #include "internal.h" -static inline bool vma_is_sealed(struct vm_area_struct *vma) -{ - return (vma->vm_flags & VM_SEALED); -} - static inline void set_vma_sealed(struct vm_area_struct *vma) { vm_flags_set(vma, VM_SEALED); } -/* - * check if a vma is sealed for modification. - * return true, if modification is allowed. - */ -static bool can_modify_vma(struct vm_area_struct *vma) -{ - if (unlikely(vma_is_sealed(vma))) - return false; - - return true; -} - static bool is_madv_discard(int behavior) { switch (behavior) { diff --git a/mm/vma.h b/mm/vma.h index 6efdf1768a0a..e979015cc7fc 100644 --- a/mm/vma.h +++ b/mm/vma.h @@ -361,4 +361,32 @@ struct vm_area_struct *vma_iter_prev_range(struct vma_iterator *vmi) return mas_prev_range(&vmi->mas, 0); } +#ifdef CONFIG_64BIT + +static inline bool vma_is_sealed(struct vm_area_struct *vma) +{ + return (vma->vm_flags & VM_SEALED); +} + +/* + * check if a vma is sealed for modification. + * return true, if modification is allowed. + */ +static inline bool can_modify_vma(struct vm_area_struct *vma) +{ + if (unlikely(vma_is_sealed(vma))) + return false; + + return true; +} + +#else + +static inline bool can_modify_vma(struct vm_area_struct *vma) +{ + return true; +} + +#endif + #endif /* __MM_VMA_H */ From patchwork Sat Aug 17 00:18:29 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pedro Falcato X-Patchwork-Id: 820113 Received: from mail-lj1-f169.google.com (mail-lj1-f169.google.com [209.85.208.169]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5147E63C; Sat, 17 Aug 2024 00:18:42 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.208.169 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723853924; cv=none; b=pRnHPc4P0q3VNcgqO3dyM6uoE9gI4YVdBU1BIEmGlFsQMR8T3rWVrPQTv+TLEpWyTT4KEoc0iRNYl7ZQysQCJF2pZ75vnx75VTb0hIZwPWTCJQ+xp8Dj33j/D4Ly7gqjyS8V70syKbK6/RqppU6Lt9E7DKZ8cw9EUZSCTVN7Z+4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723853924; c=relaxed/simple; bh=wxZ0fURU6BVyD4NMhxsgOZ9Hl4+rpPyQ2k0OfS8AnqM=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=UnM4nd0I2jCc6CFpGvO9p7kMV4e4/NGXiRGfYAgtXzIyYxC+8oyfIN8yGZdbfU9zXnsurElDYfj1w5UXUbar+HZ53doTTH8tS9O7WhZos0L3sCe5IAx0wFSl0F+0Y4+yj7bip51Wy7c2dj3CVpB9O6YvLgFf7zDuG+jIpLGEld0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=HW1DZvCu; arc=none smtp.client-ip=209.85.208.169 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="HW1DZvCu" Received: by mail-lj1-f169.google.com with SMTP id 38308e7fff4ca-2f0271b0ae9so31780151fa.1; Fri, 16 Aug 2024 17:18:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1723853920; x=1724458720; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=hQdfB2TJjcHTWcrkMiwvMjty3cwhCh0Z/hQjDmUKSz0=; b=HW1DZvCuqC414z1RfI+ZbC+bqcTgNEqs43Su1ELN4tRlvt+QtI7A/CC64A1ocaLqCI hNXSpJYbxlUI/WUR8s1RFrjJRQM+8sQ/ozDdMMcHwqHispyzVHTWc8V1MgKOi6W2Bdwm h8cwrEx9DVUCC0iQ/6frxnEgAUOPLy8x26rTz16G+WTz0YpDwK/3nCwJoSFNL/N4DZiZ EsIqo56tldqHob/hle86WQIPKeSy077cY99QWA5Co/oMH7JJDd/8JTdFi58E1Jojxdbm MO4HqlAHS0WE9UYAmhrAjWhOFE8xAp+M6MGX3hyO7cOGyf3FmlA/kUWeVl1Zw9UKIUT5 33QA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723853920; x=1724458720; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=hQdfB2TJjcHTWcrkMiwvMjty3cwhCh0Z/hQjDmUKSz0=; b=NJsotI9ZmXlI6ulqxMqo7yQohxaFPRYyw+NQV0RFiaEvEFlt1iFyNsfKWPf2rEIhAe VjOhySfffNKCh1+NGxdlGyqjWltOuMFhiiV+YbbR79U/FAsqjh6VyK1r6g31wofQHtnx biom0iOFq5wqw3GfK6I94HwHOVD+1N9zLOlOoacVLWGkhqAdq2dJZW8xFZcIIVbeV3/C vPxd8ErhdgB8ajKaXeD6m/pylIlKIlkS0ghffpnMgRFtGzSTGvLy1SPSZy6YYJzrUX8N CklEZiFniMNJci6cQKaul6hxWIicgYx+XNNhO1ub7Eoo1/STZUi3sZ9z08731FPnNkUo ptxQ== X-Forwarded-Encrypted: i=1; AJvYcCXMridDA0Z+VzdWZtwAypltOapFZELx1Ok4b/8Prn54/XQ2C3kDnSA/Wg2TxuPrGCxrpIbyousYvBwni9NjV0IwTBoVgNY4KlzGhTd+TPB7VgHlo6PXPYX3T/cd0duksxPGBjCmpQ2Y1xum6VVo X-Gm-Message-State: AOJu0YxlclCdj889+A8STgH6PRIeHJiNw4ovr+QnUT9cIo5qPabmIMO+ TmYli/AO7Wls74cJZcn5Bl18zDteRdvx0h6OOnJaYCTIKb74OU1a2L2lCDuC X-Google-Smtp-Source: AGHT+IFZ9b78tVtcZPQGq9NYpF0/YwksiknLfMYODd0Q+Kd8EWcZCWbrFfO0fyGveiS9SrzB4Z6g/g== X-Received: by 2002:a2e:d01:0:b0:2f1:9248:c325 with SMTP id 38308e7fff4ca-2f3be5f8cecmr29055721fa.31.1723853919102; Fri, 16 Aug 2024 17:18:39 -0700 (PDT) Received: from [192.168.1.91] ([2001:818:e92f:6400:96b:aa92:afc0:2d3d]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-429d781047asm104842055e9.0.2024.08.16.17.18.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 16 Aug 2024 17:18:38 -0700 (PDT) From: Pedro Falcato Date: Sat, 17 Aug 2024 01:18:29 +0100 Subject: [PATCH v3 2/7] mm/munmap: Replace can_modify_mm with can_modify_vma Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20240817-mseal-depessimize-v3-2-d8d2e037df30@gmail.com> References: <20240817-mseal-depessimize-v3-0-d8d2e037df30@gmail.com> In-Reply-To: <20240817-mseal-depessimize-v3-0-d8d2e037df30@gmail.com> To: Andrew Morton , "Liam R. Howlett" , Vlastimil Babka , Lorenzo Stoakes , Shuah Khan Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, jeffxu@chromium.org, oliver.sang@intel.com, torvalds@linux-foundation.org, Michael Ellerman , Kees Cook , Pedro Falcato X-Mailer: b4 0.14.1 We were doing an extra mmap tree traversal just to check if the entire range is modifiable. This can be done when we iterate through the VMAs instead. Signed-off-by: Pedro Falcato Reviewed-by: Liam R. Howlett --- mm/mmap.c | 11 +---------- mm/vma.c | 19 ++++++++++++------- 2 files changed, 13 insertions(+), 17 deletions(-) diff --git a/mm/mmap.c b/mm/mmap.c index 3af256bacef3..30ae4cb5cec9 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -1740,16 +1740,7 @@ int do_vma_munmap(struct vma_iterator *vmi, struct vm_area_struct *vma, unsigned long start, unsigned long end, struct list_head *uf, bool unlock) { - struct mm_struct *mm = vma->vm_mm; - - /* - * Check if memory is sealed, prevent unmapping a sealed VMA. - * can_modify_mm assumes we have acquired the lock on MM. - */ - if (unlikely(!can_modify_mm(mm, start, end))) - return -EPERM; - - return do_vmi_align_munmap(vmi, vma, mm, start, end, uf, unlock); + return do_vmi_align_munmap(vmi, vma, vma->vm_mm, start, end, uf, unlock); } /* diff --git a/mm/vma.c b/mm/vma.c index 84965f2cd580..5850f7c0949b 100644 --- a/mm/vma.c +++ b/mm/vma.c @@ -712,6 +712,12 @@ do_vmi_align_munmap(struct vma_iterator *vmi, struct vm_area_struct *vma, if (end < vma->vm_end && mm->map_count >= sysctl_max_map_count) goto map_count_exceeded; + /* Don't bother splitting the VMA if we can't unmap it anyway */ + if (!can_modify_vma(vma)) { + error = -EPERM; + goto start_split_failed; + } + error = __split_vma(vmi, vma, start, 1); if (error) goto start_split_failed; @@ -723,6 +729,11 @@ do_vmi_align_munmap(struct vma_iterator *vmi, struct vm_area_struct *vma, */ next = vma; do { + if (!can_modify_vma(next)) { + error = -EPERM; + goto modify_vma_failed; + } + /* Does it split the end? */ if (next->vm_end > end) { error = __split_vma(vmi, next, end, 0); @@ -815,6 +826,7 @@ do_vmi_align_munmap(struct vma_iterator *vmi, struct vm_area_struct *vma, __mt_destroy(&mt_detach); return 0; +modify_vma_failed: clear_tree_failed: userfaultfd_error: munmap_gather_failed: @@ -860,13 +872,6 @@ int do_vmi_munmap(struct vma_iterator *vmi, struct mm_struct *mm, if (end == start) return -EINVAL; - /* - * Check if memory is sealed, prevent unmapping a sealed VMA. - * can_modify_mm assumes we have acquired the lock on MM. - */ - if (unlikely(!can_modify_mm(mm, start, end))) - return -EPERM; - /* Find the first overlapping VMA */ vma = vma_find(vmi, end); if (!vma) { From patchwork Sat Aug 17 00:18:30 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pedro Falcato X-Patchwork-Id: 820228 Received: from mail-wr1-f47.google.com (mail-wr1-f47.google.com [209.85.221.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 27E3979CF; Sat, 17 Aug 2024 00:18:47 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.221.47 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723853929; cv=none; b=i71PDR6nAxdZFYMI3VUD1+WUFulsUM6heXB47K7fqtLKZG+rTf1sOJr4Wpx5a3eFzso4kD4oBzc9MqhokQr0tmkTK/aZPHq4tK4CQRfCjnsXlNMlXAFx7A+uKjc+PNeeh9DBr+PzzMk98qvS4MuqJHP9duJ3VaRzDxzuKejy2Cg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723853929; c=relaxed/simple; bh=9qBu9Ek1/IFuCMDXuTD8qKQ1G284lan1qhEPi5YvOgk=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=fWCrzEPOID1EPs0l/1iyqlEhndaG4Oub/mj20UEtsaOloMx8gox0nGf8Utq4R0jx+XXpg8ALiA9Wvn4QSjq/gCqszGza6l/fNE21xzRviKxGQTBzSQfaSLrELggB3jZqTeqDcFqW5tJKpVRfHrqix1aLXWSoxc7/N/szEQj7YjI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=PWKIwrhb; arc=none smtp.client-ip=209.85.221.47 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="PWKIwrhb" Received: by mail-wr1-f47.google.com with SMTP id ffacd0b85a97d-3717de33d58so1435268f8f.1; Fri, 16 Aug 2024 17:18:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1723853921; x=1724458721; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=yXNmIj+NcTYxWHoqolJZlZHTThjq2Cli8Ss2fpPQn+g=; b=PWKIwrhbaYS4eGpqJDgVSURDT/CjmsTf/AmtaQgXweQiq8oHjaw8WKYr8BFJCxwUQM qL9/Dko4vir+txUGYfRJFspwNkoLvf/kajssatyeMBPvqJLHzgO+zFmvctgT+7YJX210 hoH25456WRser0hnW3EtvBoeATfQJYEdJuTCwOhPJLxRhRUsytTYndReuae6ncUodjmI /7yDpZHiuSOfxZDDyv7Tx+q3sG3eqrfn2sTAKFsyY09wsVGqygWTxuNVxFgRvOILHUEu ELGLsrcoyM8aA/NCRHhqyJOvjwIGU0SYcZtKKSN5nWRiqPlRZLa+3nK6u04pnIGEvmt6 1KQA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723853921; x=1724458721; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=yXNmIj+NcTYxWHoqolJZlZHTThjq2Cli8Ss2fpPQn+g=; b=feSsnTILYsqhS7sK3pftnCw4F0/tkonyP/Xayo+Oo7cnzwtWZl6DPXOPt5Xu7aVq5z HAatKV1CJK0nOasmUGnIX6pri8pPhkM5M68lEcR6D0TtLMqKExQL53Ru2egaaXZzDa/n q/pnoWhC7vrahLT04su5o/JUqIdNOdaNnayR19Y/TB2/9Xqq9RFcGjl7wH62aM9gXMdG j9t6sbqEg67VS2gZ+a2kLr9gH2ZJ7flb87N02uWBSqnuvAGW/0gbTClln1pcrqHxjSvC QIylR2HsxLWdb/bvo6j8sLaCXFcwPd8nCu/cnQVrDorDJPSijhcqvL8EavS+4Jkdpq27 tpDg== X-Forwarded-Encrypted: i=1; AJvYcCUm/5ErRIHsPEh43ILABAZZYue7IMgdvPO1/ngWCxUC+jYqep5KJKUZZP7bIVRpd65ksX+nvJfeQ8Umysc=@vger.kernel.org, AJvYcCVpfsZJ31JQopB9VSkuGndBm8YrOwMeOJuT6d9tYkn7IzbU393zF6TNZ24KvOqHX0ObAXXVnHJhVHgUHtxXqw1/@vger.kernel.org X-Gm-Message-State: AOJu0YyME82geoBxqaimnL4NvpzLKR5v1nNmWEqWkSj+oOwhVr5A7EN1 fkUSGGBMlyUF1ePEssJJpj5J8Lcsn0bUnLuDoo4PKzKI0psW8WnoQv2SIotf X-Google-Smtp-Source: AGHT+IFoYlT2c74A++INbVCxGR66uRuw0eMCD6t4X/oZJnDreC1ipLncpJI2gMf0RbWhFUUMPxAr9w== X-Received: by 2002:a5d:5a15:0:b0:360:7c4b:58c3 with SMTP id ffacd0b85a97d-371946a0b75mr5498311f8f.54.1723853920474; Fri, 16 Aug 2024 17:18:40 -0700 (PDT) Received: from [192.168.1.91] ([2001:818:e92f:6400:96b:aa92:afc0:2d3d]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-429d781047asm104842055e9.0.2024.08.16.17.18.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 16 Aug 2024 17:18:40 -0700 (PDT) From: Pedro Falcato Date: Sat, 17 Aug 2024 01:18:30 +0100 Subject: [PATCH v3 3/7] mm/mprotect: Replace can_modify_mm with can_modify_vma Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20240817-mseal-depessimize-v3-3-d8d2e037df30@gmail.com> References: <20240817-mseal-depessimize-v3-0-d8d2e037df30@gmail.com> In-Reply-To: <20240817-mseal-depessimize-v3-0-d8d2e037df30@gmail.com> To: Andrew Morton , "Liam R. Howlett" , Vlastimil Babka , Lorenzo Stoakes , Shuah Khan Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, jeffxu@chromium.org, oliver.sang@intel.com, torvalds@linux-foundation.org, Michael Ellerman , Kees Cook , Pedro Falcato X-Mailer: b4 0.14.1 Avoid taking an extra trip down the mmap tree by checking the vmas directly. mprotect (per POSIX) tolerates partial failure. Signed-off-by: Pedro Falcato Reviewed-by: Liam R. Howlett --- mm/mprotect.c | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/mm/mprotect.c b/mm/mprotect.c index 446f8e5f10d9..0c5d6d06107d 100644 --- a/mm/mprotect.c +++ b/mm/mprotect.c @@ -611,6 +611,9 @@ mprotect_fixup(struct vma_iterator *vmi, struct mmu_gather *tlb, unsigned long charged = 0; int error; + if (!can_modify_vma(vma)) + return -EPERM; + if (newflags == oldflags) { *pprev = vma; return 0; @@ -769,15 +772,6 @@ static int do_mprotect_pkey(unsigned long start, size_t len, } } - /* - * checking if memory is sealed. - * can_modify_mm assumes we have acquired the lock on MM. - */ - if (unlikely(!can_modify_mm(current->mm, start, end))) { - error = -EPERM; - goto out; - } - prev = vma_prev(&vmi); if (start > vma->vm_start) prev = vma; From patchwork Sat Aug 17 00:18:31 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pedro Falcato X-Patchwork-Id: 820111 Received: from mail-wm1-f47.google.com (mail-wm1-f47.google.com [209.85.128.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 64E12B66C; Sat, 17 Aug 2024 00:18:50 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.47 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723853932; cv=none; b=bPoPUc1Ec0bo9bE8Ih8bsBd0VHMG6tmvfCUxSI5Nb+38RlJXEdQQyxeH4UvkeCuED3LHu4fA2hJIby99J61ec4X52nV1lfUomwCxoJLrOw7qFl+BVgoNswdJLojKeVXrDS3c83wHISIix6DC07V1KyurmPdO+2+hMNKgZRYw7VU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723853932; c=relaxed/simple; bh=ZqblwcZQYik6vrCA28VHOhZDiHbXGTOLSFUeNURbjQc=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=Tl78/ZYxcsNFw/kegtBl00NLSJ34WzHtgRbvZ7pHBNC7jXYyh/6fvZt58sEmMRXpf3iJ3cEFD2+AE8U0mqP4zpOxxvEad2xjwcSIU+I1w2yd3/OkLwfQXeuMxEZJh6KCRyEJirBTm5uKtL0L12x65JYqTnhETGcdyWTz/oaSdWw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=TWb2gbtv; arc=none smtp.client-ip=209.85.128.47 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="TWb2gbtv" Received: by mail-wm1-f47.google.com with SMTP id 5b1f17b1804b1-42808071810so18184245e9.1; Fri, 16 Aug 2024 17:18:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1723853924; x=1724458724; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=bAmgLDl1px7jqd76Q1p746SydraVXJ6Ud6jad/RgDJQ=; b=TWb2gbtvgRnlI02gklOwJjG7OL/w/Tme78YgisZFIdjpoEuljPnWoteDYgb6ltn0LO tSlLekgtjQ74ZrePrD1AMzC+BVx2sxLLdFvA/SM7IdSjagN1ZvfyVl3vFXPkjHxzIqGo dLPBA8tFyEgX0PrClKqtGv6HR2zlDMHbvd2dLSqA8b441SxFb6Qehjq8yMZYJzL/KT+o AISV2nolOSufKsE5DVCsrSBFRDT7EudIByrZIUCNEEy6anLktE49s4MnGeJ49NE1RuG7 kGjvjjXBaooFKUJCft94WAlGU9pileay37TTxO5Z5mkf3XlX/OliQPvyGfEZ5FQQbqx+ ft5A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723853924; x=1724458724; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=bAmgLDl1px7jqd76Q1p746SydraVXJ6Ud6jad/RgDJQ=; b=ILZqVmL35bYsBYLv6gdat+RKvn6NlLokQsVy6oqobvvHWw1rhlttdu6v9U3isWpA7j uE3YvoU/4fB7FFkpvCF5GaWBrB19jzcaN/qiNtUsTGCItsnH/YHoFZQz1TbWMqEPdFRt dWYs1i8W1/uRJRD5tDsjzIEaIs5eU+7wKrsDI/VNRH1DQnaVmiL8GYYZEFM7dkF6iSFx zSKmPLibvwPhakP3SwvnEvA/CC+zfi0vCmJNWtI4SgpSCuAHBmvk5Zrn/mu/KEhFZOmW vAPPq4Yf8chpIZdqqMS9TRpM+QIY6+/2SNCbH4F9Xt942oEVwYjUwIbUujfouJmZVy3R LpCA== X-Forwarded-Encrypted: i=1; AJvYcCXkEVJvzaSokYfG5ugYCAaZHw0PzuQ0E2viIvISUAD7k2Obwb8/W0zGnQ4B2a/GNVYIxkPZkTHQ9yd6485mT8geRRJw+Hwik6wzyJOLjIMNtR+l+el33kLGmOxcB+lE4l1dbCtn9ejP+XeRTpA1 X-Gm-Message-State: AOJu0YwAO42Jgh6Vg0l8JJod+2C7dlBAXU/O84vpOfZO7ElYNE57cA77 OS2NqwJuOMdsexRruR0sHlHPPcYfg/NAcjIGt9pw+/5zIUtTw0kZAk6Iuyjt X-Google-Smtp-Source: AGHT+IGM0TLfyEre+jfwvYu3EzVkhOnPhcS/imjEho/f+Tms2EZbTyomcs1S5bb2scgoXXDqQlsfmg== X-Received: by 2002:a05:600c:4fc8:b0:426:593c:9361 with SMTP id 5b1f17b1804b1-429ed7d1f39mr29141995e9.26.1723853923095; Fri, 16 Aug 2024 17:18:43 -0700 (PDT) Received: from [192.168.1.91] ([2001:818:e92f:6400:96b:aa92:afc0:2d3d]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-429d781047asm104842055e9.0.2024.08.16.17.18.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 16 Aug 2024 17:18:42 -0700 (PDT) From: Pedro Falcato Date: Sat, 17 Aug 2024 01:18:31 +0100 Subject: [PATCH v3 4/7] mm/mremap: Replace can_modify_mm with can_modify_vma Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20240817-mseal-depessimize-v3-4-d8d2e037df30@gmail.com> References: <20240817-mseal-depessimize-v3-0-d8d2e037df30@gmail.com> In-Reply-To: <20240817-mseal-depessimize-v3-0-d8d2e037df30@gmail.com> To: Andrew Morton , "Liam R. Howlett" , Vlastimil Babka , Lorenzo Stoakes , Shuah Khan Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, jeffxu@chromium.org, oliver.sang@intel.com, torvalds@linux-foundation.org, Michael Ellerman , Kees Cook , Pedro Falcato X-Mailer: b4 0.14.1 Delegate all can_modify checks to the proper places. Unmap checks are done in do_unmap (et al). The source VMA check is done purposefully before unmapping, to keep the original mseal semantics. Signed-off-by: Pedro Falcato Reviewed-by: Liam R. Howlett Reviewed-by: Lorenzo Stoakes --- mm/mremap.c | 32 ++++++-------------------------- 1 file changed, 6 insertions(+), 26 deletions(-) diff --git a/mm/mremap.c b/mm/mremap.c index e7ae140fc640..24712f8dbb6b 100644 --- a/mm/mremap.c +++ b/mm/mremap.c @@ -902,19 +902,6 @@ static unsigned long mremap_to(unsigned long addr, unsigned long old_len, if ((mm->map_count + 2) >= sysctl_max_map_count - 3) return -ENOMEM; - /* - * In mremap_to(). - * Move a VMA to another location, check if src addr is sealed. - * - * Place can_modify_mm here because mremap_to() - * does its own checking for address range, and we only - * check the sealing after passing those checks. - * - * can_modify_mm assumes we have acquired the lock on MM. - */ - if (unlikely(!can_modify_mm(mm, addr, addr + old_len))) - return -EPERM; - if (flags & MREMAP_FIXED) { /* * In mremap_to(). @@ -1052,6 +1039,12 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len, goto out; } + /* Don't allow remapping vmas when they have already been sealed */ + if (!can_modify_vma(vma)) { + ret = -EPERM; + goto out; + } + if (is_vm_hugetlb_page(vma)) { struct hstate *h __maybe_unused = hstate_vma(vma); @@ -1079,19 +1072,6 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len, goto out; } - /* - * Below is shrink/expand case (not mremap_to()) - * Check if src address is sealed, if so, reject. - * In other words, prevent shrinking or expanding a sealed VMA. - * - * Place can_modify_mm here so we can keep the logic related to - * shrink/expand together. - */ - if (unlikely(!can_modify_mm(mm, addr, addr + old_len))) { - ret = -EPERM; - goto out; - } - /* * Always allow a shrinking remap: that just unmaps * the unnecessary pages.. From patchwork Sat Aug 17 00:18:32 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pedro Falcato X-Patchwork-Id: 820227 Received: from mail-wr1-f48.google.com (mail-wr1-f48.google.com [209.85.221.48]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 379E24C96; Sat, 17 Aug 2024 00:18:51 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.221.48 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723853933; cv=none; b=BGYeZcx5fpn9S47EEfRS9Rxt0HmRElkVHelC5yhgc0yrsbTPjv4Px6ZofqIEnP5Dd3OiwHYBCpCaR4san4PiG5GDSASxvvqVkQz9qvEgyQ0dZvNyuqlt6UmOSwBVZAiEzIBbTj39FtVHdihA3Zjah1+cOadj4t/ewn97WVfrIL4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723853933; c=relaxed/simple; bh=5nC1RhLpgrxNbZe4uoGMsvaSLGktLHd7rzFicJCaFbw=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=nMM6P/mUGe97CnzeBJ+fCvCekSBHXv4OYcrJeWNnhG6gPziInEKaYkoVfVNy52+y/MTzxLLibXOeQBMOfzWpyQKCWD5Yc6YG9Qfhrh+gHf2RWhr+LpiPJw8bSjiM0AxaS61obxkgH8qO2bImUU9AK0EKarAmgh5zdejjaxI+t+o= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=UvVLBj4G; arc=none smtp.client-ip=209.85.221.48 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="UvVLBj4G" Received: by mail-wr1-f48.google.com with SMTP id ffacd0b85a97d-37186c2278bso1402506f8f.1; Fri, 16 Aug 2024 17:18:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1723853925; x=1724458725; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=LrPcZ5dxXI2S7kFYpXooZU8/pyUJQvH2vRgq9oEXpMQ=; b=UvVLBj4GBnyqEd9SRT1MQ6z7uJ2P0a8QDZ786E+GA+8l1lhCKekuOLEv9PiJVuK03q 91JTL1vzzOXjeIkpnTJrzTN5V2+5/k5BmRT5jDZJG+HhNR3tDBYx0op8ZK9X7aMcsgsX w2/z8PVtmmViJYh2Kyb8J1Kz7BGROTrHWS5eRTz5FNPsCz7dmNNqPk3325Wlj4DvFzBQ RWdZ5fgug70him1dhTbgVoeMlPCD0t3PqVK2mO543uJcg0UFWHB+2v8qIZDGB62AkPLI 1aHe4dqEs6GXOx2ZPTOPsiTDHVTMf/lNVwagoE112gB6bRhVvr8ozcXBoqQfdDeJv7n4 ZdDw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723853925; x=1724458725; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=LrPcZ5dxXI2S7kFYpXooZU8/pyUJQvH2vRgq9oEXpMQ=; b=IU3w6rVd2qT8DVLkHNao2GlsY0pFLJOYt/+WzrgnnIAg1kJZdIcBCXjLFYHJbFff1+ P8eWdo2ebPpFvhgXsrUFhj8ZTIDErDJYbYTnEvWqhu3xiXj1/lumnlJRa17J3xdVvW7c bhbdpH0rBXWLjTnOSsoEdvZEuIYimFg5GjXIRRinX6nLK/6ikRE/CrUqUA8446emZvDl OAGYpyq1E1+qHba6gg96cIm1TSQz6trDdSCy3nj69clmeN5oCaDZOfjWjHsx3D8xcUxr KVbRwLfTM8X+5wSQIWMDevP1XDIhoMMcbMyLBe9lvyz6XXOQEZValiLhBp5HTds7uTfl 0Z8Q== X-Forwarded-Encrypted: i=1; AJvYcCU1cV/OGEmRRe0m7dduLozK/4nMwlu2e7agp74u/oVttnklS2pZaZT9m3voe8AAdTNxyFMHyeeVfPWSGWuQCdYr8cgSSkU1y3zKJaxBLnhITSoZB6C7CtsC7NA0pFbSLm8myzaFAcwvgtjkRuhB X-Gm-Message-State: AOJu0YwHhPnw7rw1WSS2CWTejPFQrCmiOZ//TIOdmMsVh0Uc2O6+tqzh Simk24exRdvFt0cSr4jIrpGWVS1a7rAbNmkzSnbunWdqVg1qkFF2/ER16Jop X-Google-Smtp-Source: AGHT+IHob2iXeWVcLHrIvT5oHF+c90MvHS34UpZmw02JaWHR+F0oJhRdWeWAe0XuH/19P/AChePKAQ== X-Received: by 2002:a05:6000:2a8:b0:368:377a:e8bb with SMTP id ffacd0b85a97d-37186dda493mr7610866f8f.28.1723853924555; Fri, 16 Aug 2024 17:18:44 -0700 (PDT) Received: from [192.168.1.91] ([2001:818:e92f:6400:96b:aa92:afc0:2d3d]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-429d781047asm104842055e9.0.2024.08.16.17.18.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 16 Aug 2024 17:18:44 -0700 (PDT) From: Pedro Falcato Date: Sat, 17 Aug 2024 01:18:32 +0100 Subject: [PATCH v3 5/7] mseal: Replace can_modify_mm_madv with a vma variant Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20240817-mseal-depessimize-v3-5-d8d2e037df30@gmail.com> References: <20240817-mseal-depessimize-v3-0-d8d2e037df30@gmail.com> In-Reply-To: <20240817-mseal-depessimize-v3-0-d8d2e037df30@gmail.com> To: Andrew Morton , "Liam R. Howlett" , Vlastimil Babka , Lorenzo Stoakes , Shuah Khan Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, jeffxu@chromium.org, oliver.sang@intel.com, torvalds@linux-foundation.org, Michael Ellerman , Kees Cook , Pedro Falcato X-Mailer: b4 0.14.1 Replace can_modify_mm_madv() with a single vma variant, and associated checks in madvise. While we're at it, also invert the order of checks in: if (unlikely(is_ro_anon(vma) && !can_modify_vma(vma)) Checking if we can modify the vma itself (through vm_flags) is certainly cheaper than is_ro_anon() due to arch_vma_access_permitted() looking at e.g pkeys registers (with extra branches) in some architectures. This patch allows for partial madvise success when finding a sealed VMA, which historically has been allowed in Linux. Signed-off-by: Pedro Falcato Reviewed-by: Liam R. Howlett --- mm/internal.h | 2 -- mm/madvise.c | 13 +++---------- mm/mseal.c | 17 ++++------------- mm/vma.h | 7 +++++++ 4 files changed, 14 insertions(+), 25 deletions(-) diff --git a/mm/internal.h b/mm/internal.h index ca422aede342..1db320650539 100644 --- a/mm/internal.h +++ b/mm/internal.h @@ -1363,8 +1363,6 @@ static inline int can_do_mseal(unsigned long flags) bool can_modify_mm(struct mm_struct *mm, unsigned long start, unsigned long end); -bool can_modify_mm_madv(struct mm_struct *mm, unsigned long start, - unsigned long end, int behavior); #else static inline int can_do_mseal(unsigned long flags) { diff --git a/mm/madvise.c b/mm/madvise.c index 89089d84f8df..4e64770be16c 100644 --- a/mm/madvise.c +++ b/mm/madvise.c @@ -1031,6 +1031,9 @@ static int madvise_vma_behavior(struct vm_area_struct *vma, struct anon_vma_name *anon_name; unsigned long new_flags = vma->vm_flags; + if (unlikely(!can_modify_vma_madv(vma, behavior))) + return -EPERM; + switch (behavior) { case MADV_REMOVE: return madvise_remove(vma, prev, start, end); @@ -1448,15 +1451,6 @@ int do_madvise(struct mm_struct *mm, unsigned long start, size_t len_in, int beh start = untagged_addr_remote(mm, start); end = start + len; - /* - * Check if the address range is sealed for do_madvise(). - * can_modify_mm_madv assumes we have acquired the lock on MM. - */ - if (unlikely(!can_modify_mm_madv(mm, start, end, behavior))) { - error = -EPERM; - goto out; - } - blk_start_plug(&plug); switch (behavior) { case MADV_POPULATE_READ: @@ -1470,7 +1464,6 @@ int do_madvise(struct mm_struct *mm, unsigned long start, size_t len_in, int beh } blk_finish_plug(&plug); -out: if (write) mmap_write_unlock(mm); else diff --git a/mm/mseal.c b/mm/mseal.c index 2170e2139ca0..fdd1666344fa 100644 --- a/mm/mseal.c +++ b/mm/mseal.c @@ -75,24 +75,15 @@ bool can_modify_mm(struct mm_struct *mm, unsigned long start, unsigned long end) } /* - * Check if the vmas of a memory range are allowed to be modified by madvise. - * the memory ranger can have a gap (unallocated memory). - * return true, if it is allowed. + * Check if a vma is allowed to be modified by madvise. */ -bool can_modify_mm_madv(struct mm_struct *mm, unsigned long start, unsigned long end, - int behavior) +bool can_modify_vma_madv(struct vm_area_struct *vma, int behavior) { - struct vm_area_struct *vma; - - VMA_ITERATOR(vmi, mm, start); - if (!is_madv_discard(behavior)) return true; - /* going through each vma to check. */ - for_each_vma_range(vmi, vma, end) - if (unlikely(is_ro_anon(vma) && !can_modify_vma(vma))) - return false; + if (unlikely(!can_modify_vma(vma) && is_ro_anon(vma))) + return false; /* Allow by default. */ return true; diff --git a/mm/vma.h b/mm/vma.h index e979015cc7fc..da31d0f62157 100644 --- a/mm/vma.h +++ b/mm/vma.h @@ -380,6 +380,8 @@ static inline bool can_modify_vma(struct vm_area_struct *vma) return true; } +bool can_modify_vma_madv(struct vm_area_struct *vma, int behavior); + #else static inline bool can_modify_vma(struct vm_area_struct *vma) @@ -387,6 +389,11 @@ static inline bool can_modify_vma(struct vm_area_struct *vma) return true; } +static inline bool can_modify_vma_madv(struct vm_area_struct *vma, int behavior) +{ + return true; +} + #endif #endif /* __MM_VMA_H */ From patchwork Sat Aug 17 00:18:33 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pedro Falcato X-Patchwork-Id: 820110 Received: from mail-wm1-f48.google.com (mail-wm1-f48.google.com [209.85.128.48]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 96ACDD528; Sat, 17 Aug 2024 00:18:53 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.48 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723853935; cv=none; b=gqM6YTCiK5NHLDzNrs9Q7OW3G91NEVPnkNpP20o5QX8NA1EAyDd5c6zOGkXQKKMYbJTt1ddvFYbSFC1bv73RhG2mnvrmfHJjiq4i6+rQTc4geAxi3qnD4RDAIZRDD72BsXwVsWvZdwApiRRG8Abc/92bCx07Gm0nsckBr/3FASM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723853935; c=relaxed/simple; bh=PPVtoGfH+n/uXz0XuV6YOIVjCU0QeGSJrXMAVw/dm04=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=GnGNksFKRwltTLiIQJbl2+WIewNOboQxqzkB22V9LNIepr7KDJBpgoSVB9WfsSHKZj4D2GfilmnVt3RsjrJ9xLNEJTQJDMDEtTrOSJgxKXbFr3gvJHDQbiyyPz7QLIikvIIy94s43Z8uYlsUIynJdquW/Z7Me4cFoT4nC4JOQR8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=aOpCB0Ip; arc=none smtp.client-ip=209.85.128.48 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="aOpCB0Ip" Received: by mail-wm1-f48.google.com with SMTP id 5b1f17b1804b1-428e3129851so18558585e9.3; Fri, 16 Aug 2024 17:18:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1723853927; x=1724458727; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=AVSLpFCNCxLphAVPpePgVTrDRTKaNng95YGqfZlpIJs=; b=aOpCB0IpmkuI6bIUJviDnPvryY4GnxPru1q4dFEEeCDpeFRIKOwMSmrWBALoBCyNx4 K2fuuVo914vKFCZrO1espBYK4m0B/Ph1ilERhJItl8JOHPBa7TCgbR5icbJAcLbx++SO 0BFOqrt/x3OOmtph6eJ4l9HAiwkYS0CUDsVWFVSIkbzNUSp8Me25Dqg5yOaToW5YwTvN 6qjf6Chl3UuLsPjhN4RphvBTqZ34Lb5X0Fn8XElVoz7TuKHzzgiZS4ELjRPFnM45uyZa afmu0BIjcNCdw0MllXOE1p8LrVome8O8yYmClNzUtKZZDslG6ni9NRM9GkgsC1snSJOB yNKQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723853927; x=1724458727; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=AVSLpFCNCxLphAVPpePgVTrDRTKaNng95YGqfZlpIJs=; b=AdDA3LK/IcyoTQdmpvN0XCJSDMi9uJU5sBmQ/yMRFF3XippdJP59kzPiTcIa+EC22I 4SYjkUQudEB73uwMZh8yUMHUO+An6HMRPfl7VaErL8rjSVvaFJxjT6CuLOa8WJ2xorM5 mqhBAbEh9zMTRolXNDEEq3OyQXqpaTiE2eTN6Rc67bdAyvSZsTyRpHuZIHj8CcwvYlrs 8DblhlTBBAuQSggMyGIyEhWicPqqvizXiG27dTrNS/6RyfhGMahgXBBTj0tHUfNq1hoS re6AseehyL0ENydWOPzQtpkPJ+fpyobOvWOPyZw/W0KDgHhsPO0Yz1fbeAVUDTSCLWW+ //Zw== X-Forwarded-Encrypted: i=1; AJvYcCUnf9atiMb+SObz7id57cTebBMZf9XyGVM+oZMKIyD5ChKqRlUDl1/dEmDvLzAd7VXWI0nyTB3wI37MCsklImGaLQdTp/5SItur/V2ZHt6fuk5ODlihIUnrKD94nyOxRbYqNfOzJYyQzgmuXPJY X-Gm-Message-State: AOJu0YzCfDVRzuXyBCt19q2zBjFx5J/Ezfr5yGovMSZm27+OMzX+oda6 7pp8cLHHxCNU903SvY60FVk5tG9UyCgB40Fxu/ntR33pdk+aMqJ9Uw0GBoe3 X-Google-Smtp-Source: AGHT+IEF/45IWEnY8seUwWDHiPQtCFESvI6bebHfacPqy451180xkuSrsBTLSGa9GQqBMGnh8DYNYw== X-Received: by 2002:a05:600c:35c5:b0:428:1a48:d5cf with SMTP id 5b1f17b1804b1-429ed7ba070mr33189155e9.9.1723853925945; Fri, 16 Aug 2024 17:18:45 -0700 (PDT) Received: from [192.168.1.91] ([2001:818:e92f:6400:96b:aa92:afc0:2d3d]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-429d781047asm104842055e9.0.2024.08.16.17.18.44 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 16 Aug 2024 17:18:45 -0700 (PDT) From: Pedro Falcato Date: Sat, 17 Aug 2024 01:18:33 +0100 Subject: [PATCH v3 6/7] mm: Remove can_modify_mm() Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20240817-mseal-depessimize-v3-6-d8d2e037df30@gmail.com> References: <20240817-mseal-depessimize-v3-0-d8d2e037df30@gmail.com> In-Reply-To: <20240817-mseal-depessimize-v3-0-d8d2e037df30@gmail.com> To: Andrew Morton , "Liam R. Howlett" , Vlastimil Babka , Lorenzo Stoakes , Shuah Khan Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, jeffxu@chromium.org, oliver.sang@intel.com, torvalds@linux-foundation.org, Michael Ellerman , Kees Cook , Pedro Falcato X-Mailer: b4 0.14.1 With no more users in the tree, we can finally remove can_modify_mm(). Signed-off-by: Pedro Falcato Reviewed-by: Liam R. Howlett Reviewed-by: Lorenzo Stoakes --- mm/internal.h | 14 -------------- mm/mseal.c | 21 --------------------- 2 files changed, 35 deletions(-) diff --git a/mm/internal.h b/mm/internal.h index 1db320650539..3b738b0ad893 100644 --- a/mm/internal.h +++ b/mm/internal.h @@ -1361,25 +1361,11 @@ static inline int can_do_mseal(unsigned long flags) return 0; } -bool can_modify_mm(struct mm_struct *mm, unsigned long start, - unsigned long end); #else static inline int can_do_mseal(unsigned long flags) { return -EPERM; } - -static inline bool can_modify_mm(struct mm_struct *mm, unsigned long start, - unsigned long end) -{ - return true; -} - -static inline bool can_modify_mm_madv(struct mm_struct *mm, unsigned long start, - unsigned long end, int behavior) -{ - return true; -} #endif #ifdef CONFIG_SHRINKER_DEBUG diff --git a/mm/mseal.c b/mm/mseal.c index fdd1666344fa..28cd17d7aaf2 100644 --- a/mm/mseal.c +++ b/mm/mseal.c @@ -53,27 +53,6 @@ static bool is_ro_anon(struct vm_area_struct *vma) return false; } -/* - * Check if the vmas of a memory range are allowed to be modified. - * the memory ranger can have a gap (unallocated memory). - * return true, if it is allowed. - */ -bool can_modify_mm(struct mm_struct *mm, unsigned long start, unsigned long end) -{ - struct vm_area_struct *vma; - - VMA_ITERATOR(vmi, mm, start); - - /* going through each vma to check. */ - for_each_vma_range(vmi, vma, end) { - if (unlikely(!can_modify_vma(vma))) - return false; - } - - /* Allow by default. */ - return true; -} - /* * Check if a vma is allowed to be modified by madvise. */ From patchwork Sat Aug 17 00:18:34 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pedro Falcato X-Patchwork-Id: 820226 Received: from mail-wm1-f53.google.com (mail-wm1-f53.google.com [209.85.128.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 17078EEDB; Sat, 17 Aug 2024 00:18:54 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.53 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723853936; cv=none; b=M+S5/6L5CyCt4GKeDIOmlQoK5tXWrkt4NYy2e0fwD/TSd7wCnfZdVZNo93sDyEguxEY+7kSZdKkBEYb5DR7GFeDWnsosdZzzcCQ/In2W/XjxKZvwHeo40s4OkmPTb8xbj6gHLNuH34BIsWZhoLvpnPUbLzADmeeqcSVY8gsjU64= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1723853936; c=relaxed/simple; bh=RDAgmQdD7RbbuFFDsahGWPQRcFjak0eGFpbBcaph2tE=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=grHfHpIu7dxQeeBHvVqleyTZpUILWqHURwwHmMzNDSGXSzvDJF6FrbH89cmdLd0hvmjiNODSQq/al3GDHjMCR45djAdT8Tb5uY6vOmP50Xnz3vvA5qC732r1gh4v0KdiXujcnRk8Uop+9IvRq8Q9NgYqs/PV0qtiaYkWxsmAVLc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=lFdy8g5u; arc=none smtp.client-ip=209.85.128.53 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="lFdy8g5u" Received: by mail-wm1-f53.google.com with SMTP id 5b1f17b1804b1-428163f7635so19745035e9.2; Fri, 16 Aug 2024 17:18:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1723853928; x=1724458728; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=3BNTUbl7+nCW9RPTsVIAgPqk6kKkrw4lo+pgAchkUc4=; b=lFdy8g5uLY/KeZmlZume6CRPzYa/9ryYvJ5nf5WXqdpQFHnXpzs7Ry+w58VLNw91IM J9MB99VzkJmC/h0iJK43R9AUF40knHP1upSnFL08OcGaGr9MIylVoA030BQxB6nHq6fD HOGF7E3hRCM/IkuKVN8utjv+5ooPxMG1VF3jkT8SPM69lwdYBMty51mMBKiA4YpB6ddC NHIpHhjQklDYcSnh3GFjRAKUAE9jk8qYgIFtRauvjhfK5Go5O4mY+nVxQZ4XgWiQ8ADZ pRBYQRS3Lq+/Q5mythB8+mLpYV3kpmd2h7L58pNWvDR5hAflNZOh4GbR08LlERSzdkBz yQ6w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723853928; x=1724458728; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=3BNTUbl7+nCW9RPTsVIAgPqk6kKkrw4lo+pgAchkUc4=; b=h52LsxlCDqJNNAc3yDzd8X/U53KFeVj9MPG3CzxUmmF85QQuGtCvgDWdrEzj9LbAq9 3ceTNIWcKqL2Qxr481ArrfV2joE1UT6sviwhYTQJnTD6HCEYxTld5wMXF5+LZvCeXgH8 MvH+dArdcfjO7SJfwtfzX4+jdSUf3mi7E5fPwP/wOprSyP3KUBRCTOsCeDXhYhqi4lSt 0zlqljaLLHw0tVxhEBl36oVXljl9hs5tm9Wm3Azpuw0/UWYBnVG/15k9TTo6HGZj2Az+ 1/+8XLXof2F51ACOei2+c0dlXn1TExFqM5bDB3rEd1rDexE5131JUS/RjbrkoQUfsqaI 8Ixw== X-Forwarded-Encrypted: i=1; AJvYcCVfnQ15sSlQI6b7SrHFgeRhg6dWCBOPSGbLiSfVD79F81vZKtW0XPI3N8XZ4JHSLmBcHGOpKFrSxTFfoKoAjd9F1607V7aEYa7gjwi9SBJKpMM0jfxHOc8gcNMy9hegEP3XH6ELUKQZ9WqKtQ7g X-Gm-Message-State: AOJu0YwZ6e/d5pYH+eN7hwznnB/8BcC/suL8A32MZZagnWZqlmlTb7mw OU/W9OvH/qBcFNyNPPRd3NefPLLO5HvOTSa7rDH2LDB/WoGFI63lWUbz93re X-Google-Smtp-Source: AGHT+IFIhkDMqUt+pj5IYnY7Cri9JLM7/ke3nV3b+/GsdZDIlIl1wzdvrsc5f4Owwa72QzEPcfRwGQ== X-Received: by 2002:a05:600c:45ca:b0:426:5ddf:fd22 with SMTP id 5b1f17b1804b1-429ed78572bmr30664255e9.6.1723853927337; Fri, 16 Aug 2024 17:18:47 -0700 (PDT) Received: from [192.168.1.91] ([2001:818:e92f:6400:96b:aa92:afc0:2d3d]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-429d781047asm104842055e9.0.2024.08.16.17.18.46 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 16 Aug 2024 17:18:46 -0700 (PDT) From: Pedro Falcato Date: Sat, 17 Aug 2024 01:18:34 +0100 Subject: [PATCH v3 7/7] selftests/mm: add more mseal traversal tests Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-Id: <20240817-mseal-depessimize-v3-7-d8d2e037df30@gmail.com> References: <20240817-mseal-depessimize-v3-0-d8d2e037df30@gmail.com> In-Reply-To: <20240817-mseal-depessimize-v3-0-d8d2e037df30@gmail.com> To: Andrew Morton , "Liam R. Howlett" , Vlastimil Babka , Lorenzo Stoakes , Shuah Khan Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, jeffxu@chromium.org, oliver.sang@intel.com, torvalds@linux-foundation.org, Michael Ellerman , Kees Cook , Pedro Falcato X-Mailer: b4 0.14.1 Add more mseal traversal tests across VMAs, where we could possibly screw up sealing checks. These test more across-vma traversal for mprotect, munmap and madvise. Particularly, we test for the case where a regular VMA is followed by a sealed VMA. Signed-off-by: Pedro Falcato Reviewed-by: Liam R. Howlett --- tools/testing/selftests/mm/mseal_test.c | 111 +++++++++++++++++++++++++++++++- 1 file changed, 110 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/mm/mseal_test.c b/tools/testing/selftests/mm/mseal_test.c index 259bef4945e9..0d4d40fb0f88 100644 --- a/tools/testing/selftests/mm/mseal_test.c +++ b/tools/testing/selftests/mm/mseal_test.c @@ -766,6 +766,42 @@ static void test_seal_mprotect_partial_mprotect(bool seal) REPORT_TEST_PASS(); } +static void test_seal_mprotect_partial_mprotect_tail(bool seal) +{ + void *ptr; + unsigned long page_size = getpagesize(); + unsigned long size = 2 * page_size; + int ret; + int prot; + + /* + * Check if a partial mseal (that results in two vmas) works correctly. + * It might mprotect the first, but it'll never touch the second (msealed) vma. + */ + + setup_single_address(size, &ptr); + FAIL_TEST_IF_FALSE(ptr != (void *)-1); + + if (seal) { + ret = sys_mseal(ptr + page_size, size); + FAIL_TEST_IF_FALSE(!ret); + } + + ret = sys_mprotect(ptr, size, PROT_EXEC); + if (seal) + FAIL_TEST_IF_FALSE(ret < 0); + else + FAIL_TEST_IF_FALSE(!ret); + + if (seal) { + FAIL_TEST_IF_FALSE(get_vma_size(ptr + page_size, &prot) > 0); + FAIL_TEST_IF_FALSE(prot == 0x4); + } + + REPORT_TEST_PASS(); +} + + static void test_seal_mprotect_two_vma_with_gap(bool seal) { void *ptr; @@ -983,6 +1019,41 @@ static void test_seal_munmap_vma_with_gap(bool seal) REPORT_TEST_PASS(); } +static void test_seal_munmap_partial_across_vmas(bool seal) +{ + void *ptr; + unsigned long page_size = getpagesize(); + unsigned long size = 2 * page_size; + int ret; + int prot; + + /* + * Check if a partial mseal (that results in two vmas) works correctly. + * It might unmap the first, but it'll never unmap the second (msealed) vma. + */ + + setup_single_address(size, &ptr); + FAIL_TEST_IF_FALSE(ptr != (void *)-1); + + if (seal) { + ret = sys_mseal(ptr + page_size, size); + FAIL_TEST_IF_FALSE(!ret); + } + + ret = sys_munmap(ptr, size); + if (seal) + FAIL_TEST_IF_FALSE(ret < 0); + else + FAIL_TEST_IF_FALSE(!ret); + + if (seal) { + FAIL_TEST_IF_FALSE(get_vma_size(ptr + page_size, &prot) > 0); + FAIL_TEST_IF_FALSE(prot == 0x4); + } + + REPORT_TEST_PASS(); +} + static void test_munmap_start_freed(bool seal) { void *ptr; @@ -1735,6 +1806,37 @@ static void test_seal_discard_ro_anon(bool seal) REPORT_TEST_PASS(); } +static void test_seal_discard_across_vmas(bool seal) +{ + void *ptr; + unsigned long page_size = getpagesize(); + unsigned long size = 2 * page_size; + int ret; + + setup_single_address(size, &ptr); + FAIL_TEST_IF_FALSE(ptr != (void *)-1); + + if (seal) { + ret = seal_single_address(ptr + page_size, page_size); + FAIL_TEST_IF_FALSE(!ret); + } + + ret = sys_madvise(ptr, size, MADV_DONTNEED); + if (seal) + FAIL_TEST_IF_FALSE(ret < 0); + else + FAIL_TEST_IF_FALSE(!ret); + + ret = sys_munmap(ptr, size); + if (seal) + FAIL_TEST_IF_FALSE(ret < 0); + else + FAIL_TEST_IF_FALSE(!ret); + + REPORT_TEST_PASS(); +} + + static void test_seal_madvise_nodiscard(bool seal) { void *ptr; @@ -1779,7 +1881,7 @@ int main(int argc, char **argv) if (!pkey_supported()) ksft_print_msg("PKEY not supported\n"); - ksft_set_plan(82); + ksft_set_plan(88); test_seal_addseal(); test_seal_unmapped_start(); @@ -1825,12 +1927,17 @@ int main(int argc, char **argv) test_seal_mprotect_split(false); test_seal_mprotect_split(true); + test_seal_mprotect_partial_mprotect_tail(false); + test_seal_mprotect_partial_mprotect_tail(true); + test_seal_munmap(false); test_seal_munmap(true); test_seal_munmap_two_vma(false); test_seal_munmap_two_vma(true); test_seal_munmap_vma_with_gap(false); test_seal_munmap_vma_with_gap(true); + test_seal_munmap_partial_across_vmas(false); + test_seal_munmap_partial_across_vmas(true); test_munmap_start_freed(false); test_munmap_start_freed(true); @@ -1862,6 +1969,8 @@ int main(int argc, char **argv) test_seal_madvise_nodiscard(true); test_seal_discard_ro_anon(false); test_seal_discard_ro_anon(true); + test_seal_discard_across_vmas(false); + test_seal_discard_across_vmas(true); test_seal_discard_ro_anon_on_rw(false); test_seal_discard_ro_anon_on_rw(true); test_seal_discard_ro_anon_on_shared(false);